ibeam Any way to manually input 2FA code?

For straightforward use, when we dont automatize 2FA, we get:

No 2FA handler found. You may define your own 2FA handler or use built-in handlers. See documentation for more. No 2FA code returned. Aborting authentication.

can we do so, that instead of Aborting authentication... it asked us for code, and we could enter that code inside terminal?

(as it shows the temp number there https://i.imgur.com/afYaxVj.png , the console message should contain that code too, so we generate the 2-FA response code according to that returned code)

Mar 11 '22 13:03 ttodua

@ttodua, I was looking for a way to implement this too. I think that I discovered a possibility:

In this line here, the script calls the handle_two_fa function: https://github.com/Voyz/ibeam/blob/3e0f79f4726538fdb69332c1db9fa5bded4bc6b1/ibeam/src/authenticate.py#L203

Where this script is being called, since the headless webdriver is already open we could just simply have the driver locate the challenge code and send it as a new parameter in this handle_two_fa function.

Would be nice if this was implemented!

Mar 29 '22 06:03 hschickdevs

Thanks for baring with me @ttodua - been quite busy past few weeks 👍

I think you could achieve this by implementing a Custom TwoFaHandler:

class KeyboardInputTwoFaHandler(TwoFaHandler):

    def get_two_fa_code(self) -> Union[str, None]:
        return input('Provide IBKR 2FA code:')

Would that work for you?

Mar 29 '22 10:03 Voyz

@Voyz Thanks for reply. Sorry, but i think in my use case I cant edit the files or implement custom codes. I just wanted to know if there was easier way, like set IBEAM_TWO_FA_HANDLER to userinput (or etc) and it asked me for input in terminal while running app. also, ibkr has 'seamless 2fa authentication' which just sends notification to phone where we can press just 'yes, it was me' like button and then the gateway autologins itself when we confirm from mobile phone.

so, the above 2 ways seems not to be implemented in your solution. anyway thanks

Mar 29 '22 15:03 ttodua

Hey @Voyz, I tried this suggestion and received the following error:

Traceback (most recent call last): File "/srv/ibeam/src/authenticate.py", line 300, in handle_two_fa two_fa_code = two_fa_handler.get_two_fa_code() File "/srv/inputs/two_fa_handler.py", line 23, in get_two_fa_code return input("Please enter the 2FA code you received: ").strip() EOFError: EOF when reading a line

Any idea what could be going on here?

Mar 29 '22 20:03 hschickdevs

@ttodua I solved this problem by implementing a custom 2FA handler that uses the Telegram Bot API to prompt for the 2FA key, and waits for the response.

Apr 02 '22 20:04 hschickdevs

hey @ttodua thanks for expanding on your use case. Currently there is no way to do it by just setting one parameter. Feel free to submit a PR contributing the changes you'd like to see in IBeam 👍

@hschickdevs if you're running the container detached this error sounds reasonable, as IBeam has no way to acquire the input from outside of Docker. Would it also happen if you run the container with a console attached to it (ie. without -d flag)?

Happy to hear you worked out a solution with a Telegram bot 👏 Would you be okay to share the custom 2fa handler you built?

Apr 07 '22 11:04 Voyz

@Voyz thanks for reply, actually i've moved away from this application (because of that and some reasons) and can't do anything. regards. (also, for temporary testing, the 'seamless authentication' which IBKR uses, and sends notification to mobile to just click 'confirm' - was acceptable for my testing). by the way, IBKR has the most inconvenient 2-fa system I've ever seen, by preventing users to use QR code. the outdate, stone age policy.

Apr 07 '22 12:04 ttodua

Hi @Voyz, I'd be happy to share.

Here is the permalink to my handler: https://github.com/hschickdevs/ibeam/blob/384b3f5980be0f9ffe0161775e75edac24145e10/ibeam/src/two_fa_handlers/telegram_msg_handler.py

I've also added here the ability to pass the 2FA challenge key to any of the handlers that inherit from TwoFaHandler.

Apr 08 '22 05:04 hschickdevs

Hi @Voyz this is a great library. In the youtube video you uploaded, it looks like you don't have to deal with 2FA. How did you achieve this? I opted out but I'm still being asked to enter the challenge code.

Jul 21 '22 04:07 diegozimet

Hey @diegozimet - the short video I uploaded uses paper trading which is why there is no 2FA required. FYI: see this section for disabling 2FA: https://github.com/Voyz/ibeam/wiki/Two-Factor-Authentication#disabling-2fa

Jul 22 '22 08:07 Voyz

That's great to know. Thanks @Voyz !

Jul 22 '22 17:07 diegozimet

Unfortunately they dont let you to opt out of 2FA anymore as a standard policy. Even those who have been able to opt out previously will be moved to 2FA. I tried this after creating a second user as per the link above. Let me know if anyone else was successfully able to bypass 2FA.

Jul 28 '22 02:07 dedupe1

I created a new user, and as long as I don't set up 2FA, when I log in I get a screen that asks me to scan a QR code, but there's also a "continue" link, which I click to bypass the QR code setup...

Jul 28 '22 03:07 diegozimet

Hi Diego, I tried that, but the ibeam gateway refused to authenticate that way. Did you get it to work somehow ? Let me know how and I'll create another user ;-)

Jul 28 '22 06:07 dedupe1

This is frustrating, apparently even SMS based 2FA is supposed to only be a temporary thing and market data access is different for SMS 2FA vs the app alert. Wonder what others are using for a long term 2FA solution.

Aug 01 '22 02:08 dedupe1

I'm going to close this issue due to lack of activity. Feel free to reopen if you'd like to continue the discussion 👍 Thanks for participating!

Nov 16 '22 15:11 Voyz